CN110620791A - Industrial safety data ferrying system with early warning function - Google Patents
Industrial safety data ferrying system with early warning function Download PDFInfo
- Publication number
- CN110620791A CN110620791A CN201910960715.4A CN201910960715A CN110620791A CN 110620791 A CN110620791 A CN 110620791A CN 201910960715 A CN201910960715 A CN 201910960715A CN 110620791 A CN110620791 A CN 110620791A
- Authority
- CN
- China
- Prior art keywords
- data
- unit
- early warning
- host unit
- internal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM]
- G05B19/4185—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM] characterised by the network communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Abstract
The invention relates to an industrial safety data ferrying system with an early warning function, and belongs to the technical field of industrial control safety. The system comprises an internal host unit, an early warning unit, an isolation and data ferry unit and an external host unit. The internal host unit, the early warning unit, the isolation and data ferry unit and the external host unit are mutually independent. The isolation and data ferry unit is connected with the internal host unit and the external host unit, so that the isolation of the internal network and the external network is realized. The internal host unit is connected with the early warning unit, and the external host unit is connected with the early warning unit. The early warning unit comprises a control unit, an early warning module, a storage module and a display, wherein the control unit is connected with the internal host unit and the response processing module in the external host unit and is responsible for hierarchical early warning, historical log storage and threat processing information display. The invention can detect and locate the threat behavior in the ferry process while ensuring the safe isolated exchange of data among different networks, and can carry out grading early warning and proper treatment in time, and feedback the threat situation through the indicator light and the display screen, thereby greatly improving the management efficiency of the industrial system and ensuring the industrial control safety.
Description
Technical Field
The invention relates to an industrial safety data ferrying system with an early warning function, and belongs to the technical field of industrial control safety.
Background
With the increasingly compact combination of industrialization and informatization, the communication environment of an industrial control system has been changed from the traditional physically isolated industrial ethernet to the open internet, the contact and interaction types between industrial equipment and related personnel are more and more abundant, but the network security system which is not yet perfect also brings huge potential safety hazards to the communication transmission mode, even seriously affects the normal operation of national key infrastructure, and becomes an important factor for restricting the convergence of the two technologies and the development of industry 4.0.
The existing industrial control data ferrying system blocks communication connection among different networks, only completes isolation exchange of data in a trusted network environment, but cannot accurately position, early warn in a grading way and properly process threats in a data ferrying process, and has the advantages of single protection capability, low system management efficiency and potential safety hazard in the using process.
Disclosure of Invention
In view of the above, the present invention is directed to an industrial safety data ferry system with an early warning function. The system can detect and locate threat behaviors existing in the data ferrying process while ensuring data security isolation exchange among different networks, timely performs grading early warning and proper processing, and greatly improves the management efficiency of technical personnel to the industrial control data ferrying system by feeding back threat conditions through the indicator lamp and the display screen.
The system comprises: the system comprises an internal host unit, an early warning unit, an isolation and data ferry unit and an external host unit. The internal host unit, the early warning unit, the isolation and data ferry unit and the external host unit are mutually independent, and the internal host unit and the external host unit respectively run independent operating systems. The internal host unit is connected with the early warning unit, and the external host unit is connected with the early warning unit. The isolation and data ferry unit is connected with the internal host unit and the external host unit, and the isolation of the internal network and the external network is realized through the isolation and data ferry unit.
The external host unit comprises an external network interface, a detection module, a response processing module and an external network data buffer area; the external network interface receives external network data and is connected with the detection module, the detection module is responsible for judging whether the external network data received by the external network interface is threatened or not, the detection module is connected with the response processing module, the response processing module is responsible for receiving the result of the detection module and carrying out normal data processing and alarm data processing operations, and the response processing module is connected with the external network data buffer zone and is responsible for safety data transmission between the external host unit and the isolation and data ferry unit.
Wherein the detection module comprises host system detection, DDoS (distributed denial of service attack) detection, access control, protocol filtering, file detection and threat positioning. The host system detects whether the host system normally operates or not; the DDoS detection is used for detecting whether the host is attacked by the DDoS; the access control checks whether the access is authenticated and authorized identity access, and whether the access is a designated IP or a designated login account; whether the protocol filtering detection protocol is an industrial control transmission standard protocol specified by OPC, Modbus, DNP3, IEC104, S7, Profinet and the like; the file detection is used for detecting whether the content of the file is maliciously tampered; the threat location is used to identify a specific location in the system where the threat occurred.
The response processing module comprises normal data processing and alarm data processing. The normal data processing operation means that after being detected by the detection module, protocol decapsulation is carried out on data without exception, the data are restored into original data, the original data are encapsulated into an internal self-defined protocol again, and the data are sent to the isolation and data ferry unit through an external network data buffer area; the alarm data processing operation means that after being detected by the detection module, abnormal data is intercepted and captured and sent to the early warning unit.
The early warning unit comprises a control unit, an early warning module, a storage module and a display, wherein the control unit is connected with the internal host unit and the response processing module in the external host unit and is responsible for hierarchical early warning, historical log storage and threat processing information display.
The early warning module comprises three indicator lamps, namely an indicator lamp 1, an indicator lamp 2 and an indicator lamp 3, and the early warning module corresponds to three kinds of early warning prompts of emergency, suspicious and safety respectively. The emergency prompt comprises the steps that a host system is abnormal, DDoS attack is suffered, unauthenticated and authorized identity access is carried out, abnormal IP (Internet protocol) is carried out, an abnormal login account number, abnormal protocol transmission and file content tampering are carried out, and when abnormal data meet the threat types, the control unit lights an indicator lamp 1; the suspicious prompt comprises authenticated and authorized identity remote login, a new account is created, and when abnormal data meet the threat types, the control unit lights the indicator lamp 2; the safety prompt comprises a non-threat behavior, data is transmitted normally and safely, and when the data meets the types, the control unit lights the indicator lamp 3. When the corresponding threat type is processed, the control unit extinguishes the indicator lamp 1 or the indicator lamp 2, or resets the state of the indicator lamp through a reset key.
The storage module comprises log records and alarm data storage and is responsible for storing the log records of the threat behaviors and the alarm data.
The display module displays threat information including threat types, early warning prompts and threat data processing states. The threat processing state includes unprocessed and processed.
The isolation and data ferry unit comprises a control unit and a data exchange area. The control unit controls the establishment and disconnection of the connection with the internal host unit and the external host unit. After receiving the data encapsulated by the internal custom protocol from the external network data buffer area, the control unit disconnects the connection with the external host unit at the moment and establishes the connection with the internal host unit. At this point the data is ferred to the internal data buffer of the internal host unit in the data exchange area. And the response processing module in the internal host unit performs protocol decapsulation on the data without exception, restores the data into original data, repackages the original data into standard protocol data, and sends the data through the intranet interface.
The internal host unit comprises an external network interface, a detection module, a response processing module and an internal network data buffer zone; the intranet interface receives intranet data and is connected with the detection module, the detection module is responsible for judging whether the intranet data received by the intranet interface is threatened or not, the detection module is connected with the response processing module, the response processing module is responsible for receiving results of the detection module and carrying out normal data processing and alarm data processing operations, and the response processing module is connected with the intranet data buffer zone and is responsible for safety data transmission between the internal host unit and the isolation and data ferry unit.
The standard protocols include OPC, Modbus, DNP3, IEC104, S7, Profinet protocols.
When the isolation and data ferry unit simultaneously ensures data transmission on software and hardware, only one end of the internal host unit and the external host unit is connected with the isolation and data unit at the same time.
The invention has the following advantages: the invention can detect and locate threat behaviors existing in the ferry process while ensuring the safe isolated exchange of data among different networks, timely performs graded early warning and proper treatment, feeds back threat conditions through the indicator light and the display screen, and can be matched with a camera or a robot deployed in a machine room to detect the safety state. Because the functional units are independent and do not interfere with each other, especially the early warning unit is directly connected with the outside without any communication line, and the safety of the system is further improved.
Drawings
FIG. 1 is a structural diagram of an industrial safety data ferry system with an early warning function
FIG. 2 is a block diagram of an internal detection module of an industrial safety data ferry system with an early warning function
FIG. 3 is a block diagram of an internal response processing module of an industrial safety data ferry system with an early warning function
FIG. 4 is a flowchart of the operation of an industrial safety data ferry system with an early warning function
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the present invention will be described clearly and completely with reference to the accompanying drawings, and it is obvious that the described embodiments are a part of the embodiments of the present invention, but not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the present invention discloses an industrial safety data ferry system with an early warning function, which comprises an internal host unit, an early warning unit, an isolation and data ferry unit, and an external host unit. The internal host unit, the early warning unit, the isolation and data ferry unit and the external host unit are mutually independent, and the internal host unit and the external host unit respectively run independent operating systems. The early warning unit is connected with the internal host unit and the external host unit. The isolation and data ferry unit is connected with the internal host unit and the external host unit, and the isolation of the internal network and the external network is realized through the isolation and data ferry unit.
The internal host unit and the external host unit are symmetrical in structure and comprise internal and external network interfaces, a detection module, a response processing module and an internal and external network data buffer area.
As shown in fig. 2, the detection module includes host system detection, DDoS detection, access control, protocol filtering, file detection, and threat localization.
The host system detection is used for detecting whether the host system is normally operated.
And the DDoS detection is used for detecting whether the host computer is attacked by the DDoS.
The access control is used to check whether the access is authenticated and authorized identity access, whether it is a designated IP or a designated login account.
The protocol filtering is used to detect whether it is an industry control transfer standard protocol designated by OPC, Modbus, DNP3, IEC104, S7, Profinet, etc.
The file detection is used for detecting whether the content of the file is maliciously tampered.
The threat location is used to identify a specific location in the system where the threat occurred.
As shown in fig. 3, the response processing module includes normal data processing and alarm data processing, and the normal data processing operation means that after being detected by the detection module, protocol decapsulation is performed on data without exception, the data is restored to original data, and is encapsulated again to an internal self-defined protocol, and the data is sent to the isolation and data ferry unit through an external network data buffer area; the alarm data processing operation means that after being detected by the detection module, abnormal data is intercepted and captured and is sent to the early warning unit for relevant operation.
In the industrial safety data ferry system with the early warning function provided by the invention, the early warning unit comprises: the control unit is used for receiving the abnormal data of the response processing unit, carrying out grading early warning, controlling the state of the indicator light and controlling the display to display the threat information; the early warning module is used for carrying out graded early warning; the storage module is used for recording the threat behavior log and storing alarm data; and the display module is used for displaying the threat information including the threat type, the early warning prompt and the threat data processing state.
As shown in fig. 4, the extranet processing unit is responsible for receiving extranet data and detecting the extranet data. The detection comprises host system detection, DDoS detection, access control, protocol filtering, file detection and threat positioning, and the detection result is sent to the response processing module; if the response processing module receives the abnormal-free data, the response processing module carries out protocol decapsulation on the abnormal-free data, restores the abnormal-free data into original data and encapsulates the original data into an internal self-defined protocol again, the data are sent to the isolation and data ferry unit through the external network data buffer area, and the isolation and data ferry unit realizes the establishment and disconnection of connection with the internal host unit and the external host unit. The isolation and data ferry unit comprises a control unit and a data exchange area, and after receiving data encapsulated by the internal custom protocol from the external network data buffer area, the control unit is disconnected with the external host unit and establishes connection with the internal host unit. At this point, the data is ferred to the intranet data buffer of the internal host unit in the data exchange zone. The response processing module in the internal host unit carries out protocol decapsulation on the data without exception, then restores the data into original data, repackages the original data into standard protocol data, and sends the data through the intranet interface; and if the response processing module receives the abnormal data, the response processing module intercepts and captures the abnormal data and sends the abnormal data to the early warning unit for related operation.
The early warning module comprises three indicator lamps, namely an indicator lamp 1, an indicator lamp 2 and an indicator lamp 3, and the early warning module corresponds to three early warning prompts of emergency, suspicious and safety respectively. When a host system is abnormal, DDoS attack is suffered, unauthenticated and authorized identity access, abnormal IP, an abnormal login account number, abnormal protocol transmission and file content are tampered, the control unit lights the indicator lamp 1, at the moment, the state is an emergency state, when the authenticated and authorized identity is logged in different places, and a new account number is created, the control unit lights the indicator lamp 2, at the moment, the state is a suspicious state, when no threat exists, data is transmitted normally and safely, the control unit lights the indicator lamp 3, at the moment, the state is a safe state, and after the corresponding threat type is processed, the control unit turns off the indicator lamp 1 or the indicator lamp 2, or resets the indicator lamp state through a reset key, and updates log information; the early warning prompt, the threat type and the processing state information can be synchronously displayed on the display module.
The embodiments of the present invention have been described in detail, and the principles and embodiments of the present invention are explained in detail herein using specific embodiments, which are merely used to help understand the principles of the present invention; meanwhile, for a person skilled in the art, the embodiment of the present invention may be changed in the specific implementation manner and the application scope, and in summary, the content of the present description should not be construed as limiting the present invention.
Claims (8)
1. The utility model provides an industry safety data ferry system with early warning function which characterized in that, includes inside host computer unit, early warning unit, isolation and data ferry unit, outside host computer unit. The internal host unit, the early warning unit, the isolation and data ferry unit and the external host unit are mutually independent, and the internal host unit and the external host unit respectively run independent operating systems. The early warning unit is connected with the internal host unit and the external host unit. The isolation and data ferry unit is connected with the internal host unit and the external host unit, and the isolation of the internal network and the external network is realized through the isolation and data ferry unit.
2. The industrial safety data ferry system with the early warning function according to claim 1, wherein the external host unit comprises an extranet interface, a detection module, a response processing module and an extranet data buffer area; the external network interface receives external network data and is connected with the detection module, the detection module is responsible for judging whether the external network data received by the external network interface is threatened or not, the detection module is connected with the response processing module, the response processing module is responsible for receiving the result of the detection module and carrying out normal data processing and alarm data processing operations, and the response processing module is connected with the external network data buffer zone and is responsible for safety data transmission between the external host unit and the isolation and data ferry unit.
3. The industrial safety data ferry system with early warning function according to claim 2, wherein the detection module comprises host system detection, DDoS (distributed denial of service attack) detection, access control, protocol filtering, file detection and threat location.
4. The industrial safety data ferry system with early warning function according to claim 2, wherein the response processing module comprises normal data processing and alarm data processing. The normal data processing operation means that after being detected by the detection module, protocol decapsulation is carried out on data without exception, the data are restored into original data, the original data are encapsulated into an internal self-defined protocol again, and the data are sent to the isolation and data ferry unit through an external network data buffer area; the alarm data processing operation means that after being detected by the detection module, abnormal data is intercepted and captured and sent to the early warning unit.
5. The industrial safety data ferry system with the early warning function according to claim 1, wherein the early warning unit comprises a control unit, an early warning module, a storage module and a display, the control unit is connected with response processing modules inside the internal host unit and the external host unit and is responsible for hierarchical early warning, storing historical logs and displaying threat processing information.
6. The industrial safety data ferry system with early warning function according to claim 5, wherein the early warning module comprises three indicator lights, namely indicator light 1, indicator light 2 and indicator light 3, which respectively correspond to three early warning prompts of emergency, suspicious and safety. The emergency prompt comprises the steps that a host system is abnormal, DDoS attack is suffered, unauthenticated and authorized identity access is carried out, abnormal IP (Internet protocol) is carried out, an abnormal login account number, abnormal protocol transmission and file content tampering are carried out, and when abnormal data meet the threat types, the control unit lights an indicator lamp 1; the suspicious prompt comprises authenticated and authorized identity remote login, a new account is created, and when abnormal data meet the threat types, the control unit lights the indicator lamp 2; the safety prompt comprises a non-threat behavior, data is transmitted normally and safely, and when the data meets the types, the control unit lights the indicator lamp 3. When the corresponding threat type is processed, the control unit extinguishes the indicator lamp 1 or the indicator lamp 2, or resets the state of the indicator lamp through a reset key, and updates log information; the storage module comprises log records and alarm data storage and is responsible for storing the log records of the threat behaviors and the alarm data; the display module displays threat information including threat types, early warning prompts and threat data processing states. The threat processing state includes unprocessed and processed.
7. The industrial safety data ferry system with early warning function according to claim 1, wherein the isolation and data ferry unit comprises a control unit and a data exchange area. The control unit controls the establishment and disconnection of the connection with the internal host unit and the external host unit. After receiving the data encapsulated by the internal custom protocol from the external network data buffer area, the control unit disconnects the connection with the external host unit at the moment and establishes the connection with the internal host unit. At this point the data is ferred to the internal data buffer of the internal host unit in the data exchange area. And the response processing module in the internal host unit performs protocol decapsulation on the data without exception, restores the data into original data, repackages the original data into standard protocol data, and sends the data through the intranet interface. When the isolation and data ferry unit simultaneously ensures data transmission on software and hardware, only one end of the internal host unit and the external host unit is connected with the isolation and data unit at the same time.
8. The industrial safety data ferry system with early warning function according to claim 1, wherein the internal host unit comprises an external network interface, a detection module, a response processing module and an internal network data buffer zone; the intranet interface receives intranet data and is connected with the detection module, the detection module is responsible for judging whether the intranet data received by the intranet interface is threatened or not, the detection module is connected with the response processing module, the response processing module is responsible for receiving results of the detection module and carrying out normal data processing and alarm data processing operations, and the response processing module is connected with the intranet data buffer zone and is responsible for safety data transmission between the internal host unit and the isolation and data ferry unit.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910960715.4A CN110620791A (en) | 2019-10-10 | 2019-10-10 | Industrial safety data ferrying system with early warning function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910960715.4A CN110620791A (en) | 2019-10-10 | 2019-10-10 | Industrial safety data ferrying system with early warning function |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110620791A true CN110620791A (en) | 2019-12-27 |
Family
ID=68925610
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910960715.4A Pending CN110620791A (en) | 2019-10-10 | 2019-10-10 | Industrial safety data ferrying system with early warning function |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110620791A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112073375A (en) * | 2020-08-07 | 2020-12-11 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for power Internet of things client side |
CN112783117A (en) * | 2020-12-29 | 2021-05-11 | 浙江中控技术股份有限公司 | Method and device for data isolation between security and conventional control applications |
CN112910921A (en) * | 2021-03-02 | 2021-06-04 | 中核武汉核电运行技术股份有限公司 | Industrial control boundary network safety protection method |
CN113824669A (en) * | 2020-06-18 | 2021-12-21 | 深圳市桑威科技有限公司 | External computer network early warning equipment and method |
CN113965395A (en) * | 2021-10-28 | 2022-01-21 | 绿盟科技集团股份有限公司 | Method, system and device for safely accessing intranet in real time |
CN115065498A (en) * | 2022-04-15 | 2022-09-16 | 北京全路通信信号研究设计院集团有限公司 | Peripheral ferry device and system thereof |
CN115189917A (en) * | 2022-06-13 | 2022-10-14 | 上海华瑞众信技术有限公司 | Isolation device realized by using FPGA + MCU |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102984170A (en) * | 2012-12-11 | 2013-03-20 | 清华大学 | System and method for safe filtering of industrial control network |
CN104683352A (en) * | 2015-03-18 | 2015-06-03 | 宁波科安网信通讯科技有限公司 | Industrial communication isolation gap with double-channel ferrying function |
CN204392296U (en) * | 2015-02-10 | 2015-06-10 | 杭州优稳自动化系统有限公司 | Secure isolation gateway in a kind of industrial control network |
CN105656883A (en) * | 2015-12-25 | 2016-06-08 | 冶金自动化研究设计院 | Unidirectional transmission internal and external network secure isolating gateway applicable to industrial control network |
CN106341397A (en) * | 2016-08-25 | 2017-01-18 | 柏盟(北京)科技发展有限公司 | Industrial safety isolation GAP |
CN108322484A (en) * | 2018-04-11 | 2018-07-24 | 江苏亨通工控安全研究院有限公司 | A kind of industrial control data ferry-boat system |
CN108521423A (en) * | 2018-04-10 | 2018-09-11 | 江苏亨通工控安全研究院有限公司 | HWIL simulation industry control network target range system |
CN109510841A (en) * | 2018-12-26 | 2019-03-22 | 杭州优稳自动化系统有限公司 | A kind of security isolation gateway of control device and system |
US20190294784A1 (en) * | 2016-06-20 | 2019-09-26 | Jask Labs Inc. | Method for detecting a cyber attack |
-
2019
- 2019-10-10 CN CN201910960715.4A patent/CN110620791A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102984170A (en) * | 2012-12-11 | 2013-03-20 | 清华大学 | System and method for safe filtering of industrial control network |
CN204392296U (en) * | 2015-02-10 | 2015-06-10 | 杭州优稳自动化系统有限公司 | Secure isolation gateway in a kind of industrial control network |
CN104683352A (en) * | 2015-03-18 | 2015-06-03 | 宁波科安网信通讯科技有限公司 | Industrial communication isolation gap with double-channel ferrying function |
CN105656883A (en) * | 2015-12-25 | 2016-06-08 | 冶金自动化研究设计院 | Unidirectional transmission internal and external network secure isolating gateway applicable to industrial control network |
US20190294784A1 (en) * | 2016-06-20 | 2019-09-26 | Jask Labs Inc. | Method for detecting a cyber attack |
CN106341397A (en) * | 2016-08-25 | 2017-01-18 | 柏盟(北京)科技发展有限公司 | Industrial safety isolation GAP |
CN108521423A (en) * | 2018-04-10 | 2018-09-11 | 江苏亨通工控安全研究院有限公司 | HWIL simulation industry control network target range system |
CN108322484A (en) * | 2018-04-11 | 2018-07-24 | 江苏亨通工控安全研究院有限公司 | A kind of industrial control data ferry-boat system |
CN109510841A (en) * | 2018-12-26 | 2019-03-22 | 杭州优稳自动化系统有限公司 | A kind of security isolation gateway of control device and system |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113824669A (en) * | 2020-06-18 | 2021-12-21 | 深圳市桑威科技有限公司 | External computer network early warning equipment and method |
CN112073375A (en) * | 2020-08-07 | 2020-12-11 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for power Internet of things client side |
CN112073375B (en) * | 2020-08-07 | 2023-09-26 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for client side of electric power Internet of things |
CN112783117A (en) * | 2020-12-29 | 2021-05-11 | 浙江中控技术股份有限公司 | Method and device for data isolation between security and conventional control applications |
CN112910921A (en) * | 2021-03-02 | 2021-06-04 | 中核武汉核电运行技术股份有限公司 | Industrial control boundary network safety protection method |
CN113965395A (en) * | 2021-10-28 | 2022-01-21 | 绿盟科技集团股份有限公司 | Method, system and device for safely accessing intranet in real time |
CN113965395B (en) * | 2021-10-28 | 2024-02-09 | 绿盟科技集团股份有限公司 | Method, system and device for safely accessing intranet in real time |
CN115065498A (en) * | 2022-04-15 | 2022-09-16 | 北京全路通信信号研究设计院集团有限公司 | Peripheral ferry device and system thereof |
CN115065498B (en) * | 2022-04-15 | 2024-03-22 | 北京全路通信信号研究设计院集团有限公司 | Peripheral ferry device and system thereof |
CN115189917A (en) * | 2022-06-13 | 2022-10-14 | 上海华瑞众信技术有限公司 | Isolation device realized by using FPGA + MCU |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110620791A (en) | Industrial safety data ferrying system with early warning function | |
CN114629861B (en) | Enhanced intelligent process control switch port locking | |
KR20140118494A (en) | Apparatus and method for detecting anomaly in a controller system | |
CN214306527U (en) | Gas pipe network scheduling monitoring network safety system | |
CN101626368A (en) | Device, method and system for preventing web page from being distorted | |
EP1833227B1 (en) | Intrusion detection in an IP connected security system | |
CN110113336B (en) | Network flow abnormity analysis and identification method for transformer substation network environment | |
GB2532630A (en) | Network intrusion alarm method and system for nuclear power station | |
CN103378991A (en) | Online service abnormity monitoring method and monitoring system thereof | |
CN111786986B (en) | Numerical control system network intrusion prevention system and method | |
Paul et al. | Towards the protection of industrial control systems–conclusions of a vulnerability analysis of profinet IO | |
CN111669371A (en) | Network attack restoration system and method suitable for power network | |
CN107703901B (en) | Bypass industrial control information safety industrial control system | |
CN112968869A (en) | Information safety monitoring system of electric power production control large area | |
CN214627029U (en) | File transmission system based on virus prevention and traceability | |
KR20170127849A (en) | Method for securiting control system using whitelist and system for the same | |
KR102145421B1 (en) | Digital substation with smart gateway | |
CN108206828A (en) | A kind of double monitoring method of controlling security and system | |
CN210112051U (en) | Multi-information-source communication management device based on security isolation network gate | |
CN109150888B (en) | Method for controlling working mode of network security module through physical switch | |
CN107864164B (en) | Linkage alarm device based on IP embezzlement and MAC address tampering | |
CN111859434A (en) | External terminal protection device and protection system for providing confidential file transmission | |
CN1794718A (en) | Linkage protocol of network safety equipment | |
CN103258401A (en) | Real-time monitoring system | |
JP2002182738A (en) | Monitoring system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20191227 |